The Hard Disk Encryption Evaluation project is being conducted at the request of ITAG and led by Jonathan Hunt. The goal is to identify a product that can be utilized with relative easy to encrypt data on local hard drives in an effort to better protect against sensitive data therby lowering MIT's risk at exposing sensitive data. The target audience is laptops as they are more likely to "disappear", but we do not anticipate and reasons why a desktop would need a different solution.
The goals of the encryption solutions are:
- Ease of use (if it is hard to use, it won't be used)
- Transparency to the user (beyond authenticating at login or boot up)
- Recovery from forgotten passwords (don't loose the important data)
- Ease of setup
The project is not focussed on:
- Protecting data from network attacks
- Securing data communication channels for sharing the data
The initial evaluation will focus on utilizing the Encrypted File System that is an option as part of Windows XP Professional and FileVault that is an option as part of Mac OS X 10.4 Tiger. We have taken a brief look at other possible solutions including commericial products like PGP, but for decided to start with solutions that are already available to the target audience without the need for additional software.
The project will pilot the Software and Hardware Evaluation Pilot Process seeing if a Wiki provides a useful way to collect feedback from the community evaluators.
If you are interested in participating in the evaluation, please contact jmhunt@mit.edu.